VDB
DEBIAN-CVE-2023-42755
DEBIAN-CVE-2023-42755
PUBLISHED
CVSS 5.5 MEDIUM
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | linux | 0, 0, 0 |
| Debian:14 | linux | 0, 0, 0 |
| Debian:12 | linux | 6.1.52-1, 0, 6.1.27-1 |
| Debian:11 | linux | 5.10.106-1, 5.10.113-1, 5.10.120-1 |
Timeline
- Oct 5, 2023 CVE Published
- Apr 28, 2026 CVE Updated